Monday, September 19, 2011

Some comments on the UBS Rogue Trader

There has been lots said about the rogue trader at UBS. The best gag was that the name for a trader who makes money breaching risk limits is "managing director". Matt Taibbi argued that rogue traders were what banks hired when they hired "risk takers".

All of that misses the point. A well organized financial institution - any financial institution - has a back-office and a front-office (and sometimes a "middle office"). The back office records and settles trades and sometimes measures risk. (The risk measurement function is sometimes at the "middle office".) If you have your systems right you can hire "risk takers" all you like. They won't kill you because the "back office" and "middle office" won't let them.

If anyone is able to break the risk limits, managing director, lowly trader, then that is a failure of the system and reflects directly on senior management who have a core function of making sure the systems work.

Oswald Gruebel (the CEO of UBS) took a different stance (hat-tip Kid Dynamite) and argued that management could not stop rogue trading. (Quoted Chicago Tribune.)

Speaking for the first time since UBS revealed the loss, Gruebel told the Swiss weekly Der Sonntag that the loss couldn’t have been prevented.

“If someone acts with criminal energy, then you can’t do anything. That will always be the case in our business,” the former trader said in the interview published Sunday.

No Mr Gruebel: there will always be criminals, there will always be people who want to steal from your bank or go to the casino on your dime. You cannot monitor all those people but you can and should build systems that are as robust as possible to human nature and when you fail to do that you fail in your job.

But worse: your statement that "you can't do anything" is a statement that you are abdicating your duty. I hope that statement is misquoted because if I were on your board and you took that stance I would be seeking your resignation. To lose money to a determined rogue trader is an error - and all systems have holes. To deny you can do anything about it is to give up being a banker.

There is a really good reason why you don't promote people from back or middle office to front office: they know the systems well enough to cover their tracks. Better the norm where very few front office people have a clue what happens to a trade once they press "done". Leeson, Kerviel and Adoboli all had this in common. Note to management - if you want to hire a back or middle office guy to do a front office job, hire them from a different bank.

Alas every second back-office guy wants to be in the front office. After all front-office guys are paid more and have more decision making power. Back-office is administrative and procedural. Front-office are "risk takers" which is somewhat more glamorous. But there are good reasons for discriminating against back-office guys, especially when bank systems are not robust.

Whatever: A message to the UBS CEO. An internally discriminatory hiring policy is not as good as robust systems but it is surely better than what you are doing Mr Gruebel.

It only seems to make sense to prohibit hiring from Middle Office/Back Office to Front Office if you don't ponder below the surface. The problem isn't "people that know the systems" -- the problem is the systems. The systems are quite easy for an astute person to circumvent, whether they are a Front Office person, or a grizzled Back Office employee. The endemic problem is that the Back Office has max downside for Front Office risk management, and does not participate in the Front Office upside.

Actually it's pretty easy to design systems that will flag the type of bottom drawing that the press suggests was being done (I did it for MacBank as far back as '89).You need to review all cancel/corrects, if the delta/and or P&L on the cancel correct book has a trend mean that is not zero - Houston we have a problem.

Most Banks can't load the cancel/corrects as a portfolio and P&L them or run the greeks and thus miss the bleeding obvious.

The other thing you need to be able to do is to have the front office systems expected cash drops tie out to the back office actual cash settlements.

Its a pain in the butt to do for most Banks as they lack quality reconciliation tools but if you are able to implement it it helps close the loop.

As risk is normally run out of the front office records not the settlement systems you really want to make sure the two are consistent at all times.

Some of the best traders I know were former risk managers, and I have seen system cliches exploited by traders who had never been near the back office. So the proposed prohibition on promoting middle/back office people to traders doesn't make sense to me.

My advice to operational risk managers who are looking for rogue traders is to monitor the levels of confectionary consumption in the dealing room. Nick Lesson and Luke Duffy both packed away the lollies!

There plenty of reason's why this happens and will continue to happen.

A back office accountant on $100k is never going to have as much say as a trader taking home $500k +. Especially when the trade has a vested interest in reporting a higher number where as the back office couldn't care less.

This is exaggerated by the fact that Traders are often aggressive and assertive where as the personality type needed to be in the back office is quite the opposite. An aggressive assertive person is not going to do the same process day after day ad nauseum.

Couple this with the off-shoring of back office functions to processing centres in Mumbai where they have no contact with the traders or understanding of the trades they are policing and it is getting really ugly.

Throw in a silo issue where no one in the line has responsibility over the entire process.

Finally as a cost centre the back office is constantly being squeezed meaning deadlines become tighter and tighter until there is no time for thorough investigation of books.

This means that exceptions and red flags are often missed or not escalated.

Back in the day the value add to the banks was superior risk assessment and management, the traders were a dime a dozen. Maybe the return to such a set up is the solution?

Otherwise look forward to more of the same as all these lay offs squeeze the control function further.

I have nothing intelligent to add to this post, so I will be a pedant instead. It's Matt Taibbi, (I don't think that he is Lebanese habbibi), and if you're going to be a Rouge Trader, I think scarlet is prettier.

The differences in income between front and back office might explain why an underpaid operations clerk might steal. But it doesn’t explain why the highly paid trader would risk job, reputation and usually a jail sentence when the perpetrators stands to take no direct financial benefit beyond what might be expected in remuneration arrangement for a successful trader.

So why do they do it? Why take the risk?

My theory is a simple one. It is all about ego. Rogue traders conceal losses because they don’t want to admit that they are wrong.

Afterthought: Rogue traders never conceal profits. They brag about them!

I don't think the systems in UBS are built in a way that can capture those rouge trades. In most cases, the systems are not fully integrated front to back but silo-based. So each department is only looking at the trades from their point of view.

My presumptions:From the BO side, settlements would not allow settlement unless positions from the Exchange and internal trade repository are reconciled. OTC trades will require a layer of confirmations but the trades entered are exchange-traded. Our rouge trader would not have any problems getting past settlements team.

From the Risk, MO side, typically there is a hedging portfolio on which hedges are booked. So from a risk perspective if the trader's sensitivities or positions are flat on both the hedging and trading book, nothing much to scream about.

There has/should have been a level of trade validation by a senior trader to verify that the hedges put in place are true. MO and BO would not have any visibility on those trades.

" But it doesn’t explain why the highly paid trader would risk job, reputation and usually a jail sentence when the perpetrators stands to take no direct financial benefit beyond what might be expected in remuneration arrangement for a successful trader. "

The dichotomy in pay wasnt meant to explain why the trader risks his bla bla bla its meant to explain why a lowly back office guy isnt going to catch him. Traders 'generate profits' while back office guys 'generate costs.'

The easiest solution would be to institute a bounty. Every time a back office guy catches a trader engaging in illegal activity the bank pays out the back office guy the greater of (a) the rougue trader's bonuses for the last 3 years or (b) 2% of the money saved had the trade not been stopped.

No system can _prevent_ rogue trading If nothing else, human conspiracy will find a way around it, and FO and BO office conspiring is not that unusual - after all, the trader for example promise to "save" the lowly BO person by lobbying to promote them to the coveted junior trader position.

On the other hand, systems can be designed to catch it _once_it_happened_.

Unfortunately, the latter costs quite a bit of ongoing effort (for various reasons - mostly simply because the world changes), and it doesn't sound as good to say "we have systems that can catch the rat once he's in" as "we have a system that prevents a rat getting in" - even though the latter is impossible.

Thus some effort is often done on the latter (prevention), but little on the former (detection).

Not to mention that few banks (or any large corporation for the matter) have truly integrated system as opposed to a hodge-podge of systems as they evolved historically (which I believe makes it even more important - but expensive - to look at detection rather than prevention)

What I find curious is that as far as I can remember NAB was the only place where more than one person was charged - and I have few doubts that most of the rogue traders are pure soloists.

I don't think it is a coincidence that Kerviel and Adoboli worked on delta one desks. Without these scandals they both would have been profitable desks, therefore in the real world would inevitably have been given more leeway, but also their position sizes are normally large relative to the amount of risk being taken.

Its not a question of just building better IT because there are a lot of OTC positions. IT is not going to save you from a stack of tickets being stuffed into the drawer. You need to have risk managers and front office heads responsible for reconciling margin, and cash requirements with reported positions.

I very much disagree with the Taibi point though and the MD joke, if somebody makes a mistake on a desk, and its at a small profit, its easy to correct it and own up, most of these situations occur through small mistakes snowballing and never being flagged. There are plenty of smaller cases of people being fired for mismarking their book, or taking positions that were not authorised. I don't think anyone who's managed other traders could ever overlook a guy stuffing tickets or breaking his limits. Those smaller cases just don't get reported on income statements.

The issue for UBS going forward is that the risk cops (despite missing a huge control issue) will be given massive amounts of power and their instinct will be to stifle anything that doesn't fit their paradigm of what is a good trade.

The "approval processes" will become even more laboured and bureaucratic and back office staff will now be involved in things that most of them know nothing about, namely making money.

UBS' inability to crack the premier league of investment banking is no particular mystery to anyone in the industry. Rather than being run as a lean, hungry trading shop it is run like a corporation with layers of management who's jobs seem to involve meeting each other and sitting on various internal boards. Its kind of like a diluted Goldman .... Plenty of people who would like to eat each ohers lunch but dont have the balls to steal the sandwiches.

Its not the 2bn that will hurt them, its the knee jerk reaction and the rise of the jobsworths

@BlackRavenOTC or not OTC doesn't matter - some cash has to be settled and that's not done by hand. Arguably, small amounts of cash can escape - it's not worth to spend half a day arguing over $50 - although even that gets caught by a proper system if the cumulative discrepancy over a period of time is too large.

@anonymous at 8:45BS. Traders have their risk limits, and no risk manager is going to kill "short/buy x shares of y" if it's within the risk limits.

Risk managers (market and/or credit) can kill one offs (which implies very bespoke or very large), and so they should - but they can do it now.

The reason I think stuff being OTC matters is because you can have odd settlements, because the margining is different, and because the confirmation is, otc. All of which is a lot easier to circumvent when its not listed.

The "front office" learns very quickly the limits and/or holes in a trading platform. Ways around any barrier limiting their trades, often with management conciously ignoring front office manipulation, is common. The front-back office model is a flawed model to start with as NEW regulatory, client, status, and product changes are more often pushed from the front to the back, not the contrary.

front office people are paid several times more than back office. front office is a "profit centre" and it is easier to justify the high pay. back office is a cost centre, under constant pressure to "reduce costs". inevitably skill migrates towards front office, and back office ends up with people who have no better career choice. often in departments like product control, risk management or audit you will have people that have very little clue about what is going on. I have been through more than 10 audits over the years and can't remember having met an auditor who has a f-ing clue about derivatives.

rather than stop back office guys from becoming traders, banks should hire ex traders to run the show in the control functions. that means paying up.

Anonymous 8.45 is a good example of the problem Anonymous 5.21 is talking about.

Hiring high achieving, money-oriented psychopaths just doesnt go together with good risk control.

Make it so if they win, they get a bonus and if they lose, someone else takes the loss, then don't be surprised if they take risks and the firm blows up occasionally.

Make it so they cant make risky trades, or otherwise use risk control to get between them and the bonus they are entitled to by virtue of being them, and expect copious whining and, if they can get away with it, bullying of those charged with enforcing the risk controls.

Maybe what you need is to pay more middle, back office, risk & finance staff and invest in systems at the expense of traders, sales and structurers. This will ensure the experienced guys remain in the control functions spotting the rogue traders.This industry pay structure is too biased to risk-taking

It's only natural that people attribute the credits to themselves when things are doing well, but blame the systematic inevitability when things are doing bad.

The bottom line is, we don't even need to hear any explanations, who ever on the position shall "pay for" the misconduct or "bad luck." That should be part of the nature of the job and should be clear to all.

to add to already interesting discussion, forgive me a little lecture on security systems theory. Many people, yourself included as evident from the post, consider "hiding" the security mechanisms a critical point in their performance, e.g. you say "don't hire back office to front because they know the system and therefore know how to gamble it".

Well, it so happens that various theories of computerised management/control were pretty mature since before I was born, and this concept above is long shown a fallacy:- A proper code, security/control system et.c. should withstand penetration attempts by someone in possession of full and detailed documentation.It's a pretty harsh ideal (but not beyond reach - there are already several codes that work like that), but it should be a major design goal. Any security mechanism that relies heavily on secrecy of it algorithms and fails almost instantly to break attempts by someone with that knowledge is "defective by design".Therefore, if that's the way bank trader control measures work, those measures suck, plain and simple.

(And then "easy solutions" won't really help. Don't hire back office to front office, never allow back and front office guys to meet/chat/friend, kill back office guys upon leaving the company so they don't spread the word :) - what else?)

As a follow-up, just occured to me, why people keep talking about "possible" and "impossible" in security? It's not a meaningful measure.Cost-effective or cost-uneffective are the name of the game.

People talk about those (rare enough) public cases of loud "BANG - too little security", because, well, perception bias - it's huge, it's story. People outside of specialists rarely talk about "too much security", even while it could be as much, or more, of a problem.

Make a series of mini-boards of traders mixed with reputable analysts and have them vote on each trade. Volia - no more rogue trading, whatsoever (unless the whole board gets somehow corrupted, which is far less likely then one trader)!"what a stupid idea, no trade gonna ever be done, much less in timely and profitably fashion", you probably think. And, well, you're right.

So my point is, we know how much is being lost because of rogue traders, but we (most of us anyways) don't have any idea- how much is *earned* by rogue traders, including those that never catch their "bad day" and therefore never get Loud Fail, nontheless operating beyond their institution's risk control guidelines, and- how much would be lost by all traders in a given bank due to inconveniences caused by a more stiff control protocols that reduce risks of rogue traders.

I actually seen a fair amount of companies where the combined direct and indirect costs of security are higher then any imaginable thieft, meaning, if they just drop all of it and open their warehouses wide, they would end up cash-plus from what they have (one actually had guts to do so on my urging - yep, worked. You also get far happier stuff that feels more like in charge and less like in concentration camp).

When fighting some "wrong' it is important (funny how we also have that saying in Russian) not to throw the baby out with the bathwater.

I think it's easy to blame outsourcing, underpaid backoffice and shifting balance of power towards risk takers. But in the end - are you so sure that building better risk controls, design right incencitives etc will be money well spent even considering $2bn incident? I mean being cynical, maybe it's ok from shareholder's point of view (and CEO should in theory listen to them)?

it is obvious to me that is the wrong way to look at it, because there is no guarantee that it stops at $2bn. There is no way that delta one desks have been profitable over the last five years including the costs.

Just ask Peter Baring whether the cost of separating functions is too high?

John-- back to your trademark prostie cost comparison, some in Australia are charging AUD 350/hr. What do you think? http://www.bloomberg.com/news/2011-08-21/lovesick-miners-seeking-more-than-gold-raise-costs-for-rio-bhp.html

General disclaimer

The content contained in this blog represents the opinions of Mr. Hempton. You should assume Mr. Hempton and his affiliates have positions in the securities discussed in this blog, and such beneficial ownership can create a conflict of interest regarding the objectivity of this blog. Statements in the blog are not guarantees of future performance and are subject to certain risks, uncertainties and other factors. Certain information in this blog concerning economic trends and performance is based on or derived from information provided by third-party sources. Mr. Hempton does not guarantee the accuracy of such information and has not independently verified the accuracy or completeness of such information or the assumptions on which such information is based. Such information may change after it is posted and Mr. Hempton is not obligated to, and may not, update it. The commentary in this blog in no way constitutes a solicitation of business, an offer of a security or a solicitation to purchase a security, or investment advice. In fact, it should not be relied upon in making investment decisions, ever. It is intended solely for the entertainment of the reader, and the author. In particular this blog is not directed for investment purposes at US Persons.